Change /user/:id/verifyPassword from a GET to a POST (this will probably be undone later)

This commit is contained in:
Colin McDonald 2016-06-17 19:17:50 -04:00
parent 99b30ef290
commit b98dcd0a83
2 changed files with 6 additions and 3 deletions

View File

@ -43,6 +43,7 @@ import net.frozenorb.apiv3.route.auditLog.POSTUserAuditLogEntry;
import net.frozenorb.apiv3.route.chatFilterList.GETChatFilterList;
import net.frozenorb.apiv3.route.grants.*;
import net.frozenorb.apiv3.route.ipBans.*;
import net.frozenorb.apiv3.route.ipIntel.GETIpIntel;
import net.frozenorb.apiv3.route.ipLog.GETUserIpLog;
import net.frozenorb.apiv3.route.notificationTemplates.DELETENotificationTemplate;
import net.frozenorb.apiv3.route.notificationTemplates.GETNotificationTemplate;
@ -261,6 +262,8 @@ public final class APIv3 extends AbstractVerticle {
mainRouter.post("/ip/:id/ipBan").blockingHandler(new POSTIpIpBan(), false);
mainRouter.delete("/ipBan/:id").blockingHandler(new DELETEIpBan(), false);
mainRouter.get("/ip/:id/intel").handler(new GETIpIntel());
mainRouter.get("/user/:id/ipLog").handler(new GETUserIpLog());
mainRouter.get("/notificationTemplate/:id").handler(new GETNotificationTemplate());
@ -301,7 +304,7 @@ public final class APIv3 extends AbstractVerticle {
mainRouter.get("/user/:id/meta/:serverGroup").blockingHandler(new GETUserMeta(), false);
mainRouter.get("/user/:id/permissions").blockingHandler(new GETUserPermissions(), false);
mainRouter.get("/user/:id/requiresTOTP").blockingHandler(new GETUserRequiresTOTP(), false);
mainRouter.get("/user/:id/verifyPassword").blockingHandler(new GETUserVerifyPassword(), false);
mainRouter.post("/user/:id/verifyPassword").blockingHandler(new POSTUserVerifyPassword(), false);
mainRouter.post("/user/confirmRegister/:emailToken").blockingHandler(new POSTUserConfirmRegister(), false);
mainRouter.post("/user/:id/leave").handler(new POSTUserLeave());
mainRouter.post("/user/:id/login").blockingHandler(new POSTUserLogin());

View File

@ -7,7 +7,7 @@ import net.frozenorb.apiv3.APIv3;
import net.frozenorb.apiv3.model.User;
import net.frozenorb.apiv3.util.ErrorUtils;
public final class GETUserVerifyPassword implements Handler<RoutingContext> {
public final class POSTUserVerifyPassword implements Handler<RoutingContext> {
public void handle(RoutingContext ctx) {
User user = User.findByIdSync(ctx.request().getParam("id"));
@ -22,7 +22,7 @@ public final class GETUserVerifyPassword implements Handler<RoutingContext> {
return;
}
boolean authorized = user.checkPassword(ctx.request().getParam("password"));
boolean authorized = user.checkPassword(ctx.getBodyAsJson().getString("password"));
APIv3.respondJson(ctx, ImmutableMap.of(
"authorized", authorized